Industrial control protocol vulnerability mining system based on fuzzy test

A fuzz testing and vulnerability mining technology, applied in transmission systems, digital transmission systems, electrical components, etc., that addresses problems such as real-time performance and high reliability requirements, and improves adaptability and hit rate.

Inactive Publication Date: 2016-06-29
BEIJING UNIV OF TECH

AI Technical Summary

Problems solved by technology

[0005] Due to the high real-time and reliability requirements of industrial control systems, man


Embodiment Construction

[0034] The present invention will be further described below in combination with specific embodiments.

[0035] As an example, consider mining vulnerabilities in the ModbusTCP protocol in an industrial control system.

[0036] 1) Capture the data packets on the network with the protocol analysis module, store and analyze the valid data, and then send the resulting protocol format and related information to the data construction module. Capturing and analyzing the packets reveals the ModbusTCP data frame format, which consists of the MBAP message header and the PDU data unit. The MBAP message header has 4 parts, the transaction identifier, protocol identifier, length and unit identifier, 7 bytes in total; the PDU data unit has the same format as in the Modbus protocol and has two parts, the function code and the data field. At the same time, the population size of this test is set to 100 according to the characteristics of the industrial control system.

[0037] 2) ...
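The ModbusTCP frame layout described in step 1), as an added example that is not code from the patent: a parser that splits a captured frame into the 7-byte MBAP header and the PDU and records header inconsistencies. The function name, the field names in the result and the sample frames are assumptions constructed for illustration.

```python
import struct

MBAP_LEN = 7  # transaction id (2) + protocol id (2) + length (2) + unit id (1)
MAX_PDU = 253  # largest PDU the Modbus specification allows


def parse_modbus_tcp(frame: bytes) -> dict:
    """Split one ModbusTCP frame into MBAP header fields and PDU, noting anomalies."""
    if len(frame) < MBAP_LEN + 1:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, pid, length, uid = struct.unpack(">HHHB", frame[:MBAP_LEN])
    pdu = frame[MBAP_LEN:]
    issues = []
    if pid != 0:
        issues.append("protocol identifier is not 0 (Modbus)")
    # The length field counts the unit identifier plus the whole PDU.
    if length != 1 + len(pdu):
        issues.append(f"length field {length} != actual {1 + len(pdu)}")
    if len(pdu) > MAX_PDU:
        issues.append("PDU exceeds 253 bytes")
    code = pdu[0]
    return {
        "transaction_id": tid,
        "protocol_id": pid,
        "length": length,
        "unit_id": uid,
        "function_code": code & 0x7F,      # low 7 bits name the function
        "is_exception": bool(code & 0x80),  # high bit marks an exception response
        "data": pdu[1:],
        "issues": issues,
    }


if __name__ == "__main__":
    # Constructed sample frames (not captured from a real device).
    samples = {
        "read holding registers request": "0001000000061103006b0003",
        "exception response": "000100000003118302",
        "inconsistent length field": "0002000000ff1103006b0003",
    }
    for name, hexframe in samples.items():
        fields = parse_modbus_tcp(bytes.fromhex(hexframe))
        print(name, fields)
```
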

Abstract

The invention discloses an industrial control protocol vulnerability mining system based on fuzz testing. The system comprises a protocol analysis module, a data construction module, a genetic variation module, a session management module, an agent module, a drive module and an auxiliary tool module. The genetic variation module, the session management module and the agent module are connected to the drive module; the protocol analysis module is connected to the data construction module, which in turn is connected to the genetic variation module; and the drive module connects to the test target. The system can learn and analyze the condition of the tested target and construct related data, such as test scripts and test cases, specifically from the analyzed information, so that analyzing the tested target increases the hit rate of the test cases. During testing, the generation method or variation direction of the test cases is adjusted according to information such as the current state of the tested target and the feedback from the test cases. An efficient adjustment algorithm improves vulnerability mining efficiency, and the adaptability of the system is improved as well.

Description

Technical field

[0001] The invention relates to a vulnerability mining method for industrial control systems, in particular to a vulnerability mining method for communication protocols in industrial control systems.

Background art

[0002] The industrial control system is an important part of a country's key infrastructure. It is widely used in fields such as petroleum and petrochemicals, water conservancy and electric power, food processing and sewage treatment, mainly for data acquisition and production control. As the integration of informatization and industrialization continues to deepen, industrial control systems are gradually changing from traditional closed environments and single systems to open environments and complex multi-system arrangements. The development brought about by this deepening integration has also brought many problems that were not faced before, the most serious of which is security.

[0003] With the addition of emerging Internet technologies...


Application Information

IPC(8): H04L12/26, H04L29/06, H04L29/08
CPC: H04L43/18, H04L63/1408, H04L63/1433, H04L67/56
Inventor: 赖英旭, 蔡一鸣, 宋站威, 王宇盛
Owner: BEIJING UNIV OF TECH